Hi, I am new to radius . hence kindly excuse if my terminologies are different from what is expected. I am using Freeradius Version 1.1.7. Is it possible to reject when a request comes from the NAS server with a user logging in without a realm as suffix? For example, if the FreeRadius server receives an authentication request for the user navin , it has to reject. but if it receives the request as navin@freescale.com it has to authenticate him. I tried the below options: I am not using the proxy request support. Hence commenting proxy.conf file and setting proxy_requests = no in the radiusd.conf file. Added the below in the radiusd.conf file with the intention that users of realm freescale.com has to be authenticated and other users should be rejected. realm freescale.com { type = radius authhost = LOCAL accthost = LOCAL } realm NULL { type = radius authhost = LOCAL accthost = LOCAL secret = test } In the radiusd.conf under the section realm module config options ignore_null = yes ignore_default = yes for user@realm. In the users file, added navin@freescale.com Cleartext-Password := "navin123" meaning authenticate navin having a password navin123. But what i observed is, i get authenticated when i login as navin and also as navin@freescale.com . This has been verified with the radtest client program which came along with the freeradius server. Kindly do let me know if the user can be rejected access if he logs in without realm. have a nice day, navin